Everyone has their own experiences but with QnA + Jaxels xenUtils with the API's enabled we have had zero spam. Have you tried to decent QnA's before?

Click to expand...

I don't want to have to edit the Q&A's all the time. Which is why I opted for a CAPTCHA-style hack. I fell in love with SolveMedia's because not only will it combat spam, it's an ad on top of it; meaning I get monies.

These still look like XRumer (but can't confirm), iterating through usernames is bot like behaviour (and continuous user attempts is also bot like behaviour). XRumer does have the ability to upload avatars, pick out topic relevant conversations / forums

Try a few other plugins, one might pleasantly surprise you (hint.. fbhp currently stops 100% of bots, but if it is human spam, StopHumanSpam / StopCountrySpam might help)

There is more than just XenUtiles and Common CAPTCHA that bots have been trained to beat,
a few are listed here: Dealing with forum spam

The core will always be targeted. As methods are put in place globally, the reward for breaking these methods becomes higher

QA's have been beaten for a while (This is a game of Russian roulette, it's only time until your qa is added to textcaptcha.txt and then shared on a central db)

The only draw back about Questions and Answers (Q & A) is the language barrier. If your site accepts everyone (word-wide) and allows all languages... Q & A isn't going to be a solution.

And captcha sometimes also adds this limitation. Because the keyboard characters are not universal either. And to be honest, most of them make it impossible for a real human person to read what is actually on the screen. Or are dependent on media from outside sources.

Nothing is 100% full proof or bullet proof. But for what it is worth, we currently use the following

1.1.4 was pretty good out of the box (I have three forums on it), but eventually the spammers found it.

In the forum where I allow unregistered guest posts, I had to delete as many as 24 in a 2-3 hour period. Spam registrations were popping up again with some frequency. Moderating registrations and unregistered posts didn't seem to discourage them, and I really hate wasting my time in that manner.

So I a week ago I reintroduced KeyCaptcha, which a few months ago applied the coup de grace to all the spammies in my 1.1.3 forums. I've had no spam issues since.

I know some criticize KeyCaptcha as theoretically driving users away, but i question that. I've never really noticed a difference before & after, and personally I find KeyCaptcha much easier than ReCaptcha (plus the spammers long ago broke ReCaptcha -- what's hard for us to read is easier with a computer & the right software).

So these are my successful combinations which block virtually all spam:

Your questions and the correct answers will end up in Xrumer's database share by all their ilk.

Click to expand...

This is one issue that put me off from using Q&A. It poses a security hole. Because the xRumer database will eventually be hacked. Just like Anonymous hacked LucSec and vice versa. So once these hackers get your Q&A, it goes into bigger problems than just your forum.

Huh? That makes absolutely no sense at all. Especially since the answer to your Q&A has nothing to do with how secure your server is.

Click to expand...

Who said anything about servers? You ever consider the security of your e-mail address? Because the whole point of this xrumer database is to bypass these Q&A input boxes... Like I said: Bigger problems than your forum.

It's the same thing as having this index of popular passwords and/or popular PIN numbers.

Who said anything about servers? You ever consider the security of your e-mail address? Because the whole point of this xrumer database is to bypass these Q&A input boxes... Like I said: Bigger problems than your forum.

It's the same thing as having this index of popular passwords and/or popular PIN numbers.

Click to expand...

You edited after I replied.

And no, it's NOT like an index of passwords. Let's get real here, shall we?